package com.marisfrolg.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
import org.springframework.security.oauth2.provider.token.TokenStore;

/**
 * @description:
 * @package com.marisfrolg.config
 * @who MiaoMiao "Sprout" BI
 * @date 2023-01-01 11:59:25
 */
@Configuration
@EnableResourceServer
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {

    @Value("${spring.application.name}")
    private String appName;
//
//    @Override
//    public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
//
//        //客户端client1
//        RemoteTokenServices authCodeClient = new RemoteTokenServices();
//        //配置去哪里验证token
//        authCodeClient.setCheckTokenEndpointUrl("http://127.0.0.1:3001/oauth/check_token");
//        //配置组件的clientid和密码,这个也是在auth中配置好的
//        authCodeClient.setClientId("client1");
//        authCodeClient.setClientSecret("123123");
//
//        //客户端ods
//        RemoteTokenServices passwordClient = new RemoteTokenServices();
//        //配置去哪里验证token
//        passwordClient.setCheckTokenEndpointUrl("http://127.0.0.1:3001/oauth/check_token");
//        //配置组件的clientid和密码,这个也是在auth中配置好的
//        passwordClient.setClientId("ods");
//        passwordClient.setClientSecret("123123");
//
//
//        //设置服务资源Id
//        resources
//                //该服务资源的唯一表示,
//                .resourceId(appName)
//                //设置有访问权限的客户端
//                .tokenServices(authCodeClient)
//                .tokenServices(passwordClient)
//                //这个貌似是配置要不要把token信息记录在session中
//                .stateless(true);
//
//    }
//
    @Autowired
    private TokenStore tokenStore;

    @Override
    public void configure(ResourceServerSecurityConfigurer resources) {
        resources.resourceId(appName)
                .tokenStore(tokenStore)
                .stateless(true);
    }



//    @Override
//    public void configure(HttpSecurity http) throws Exception {
//        http.csrf().disable()
//                .authorizeRequests()
////
////                //本项目所需要的授权范围,这个scope是写在auth服务的配置里的
//                .antMatchers("/**").access("#oauth2.hasScope('scope1')")
//
//                .and()
//
//                //这个貌似是配置要不要把token信息记录在session中
//                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
//    }


//    @Override
//    public void configure(HttpSecurity http) throws Exception {
//        http.csrf().disable()
//                .authorizeRequests()
//
//                //本项目所需要的授权范围,这个scope是写在auth服务的配置里的
//                .antMatchers("/**").access("#oauth2.hasScope('scope1')")
//
//                .and()
//
//                //这个貌似是配置要不要把token信息记录在session中
//                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
//    }

}
